No results were found...

How to merge SPF records

Don't know which version of MailerLite you're using? Click here to find out!
Interested in the New MailerLite? Visit the New vs Classic comparison page.

You may have to include several SPF values in the DNS zone of your domain if you send emails through several services. 

It is only possible to have one SPF record in the DNS zone of your domain. Having more than one SPF record will make the authentication impossible.

If you need to include more than one SPF record in your DNS zone, then you should merge them into a single record.

The mechanisms of an SPF record

Let’s assume your domain is already authenticated through Outlook, so you have the SPF record:

v=spf1 a include:spf.protection.outlook.com -all

Now, you want to authenticate your domain with MailerLite, so you have to add the second SPF record to your DNS page.

v=spf1 a mx include:_spf.mlsend.com ~all

Let’s look at the different parts or mechanisms of an SPF record to better understand how it works.

The “v” prefix

The first part of an SPF record starts with v=spf1, which simply identifies the record as the first version of SPF. This is the only version that exists at the moment. Since you can add several TXT records, this basically tells the DNS of the domain to treat this record as SPF.

The “a”mechanism

Both records also contain the a mechanism afterward, which basically indicates the address of your domain in an IP number. The sending IP must match the A record of the From domain to be authenticated.

The “mx” mechanism

Only the one from MailerLite includes the mx mechanism, which indicates which email servers should be used when emails are being relayed. The sending IP must match the MX record of the From domain to be authenticated.

The “include” mechanism

The middle part of an SPF record begins with include, which basically tells the DNS to include this particular domain in the SPF setup of your domain. It allows emails to be authenticated through the same IPs allowed in the included domain.

The “all” mechanism

The last part of an SPF record, the all mechanism defines how an email should be treated. It should always be at the end of the record, and it is required to be a valid SPF record.

This mechanism will include one of the following qualifiers:

  • +all - it's the default prefix, so it can be omitted

  • ?all - adding this rule creates the impression that there is no SPF, so it’s not recommended

  • -all - it will be rejected and not sent and if the email doesn’t comply with the set rules 

  • ~all - it will be sent but tagged as SOFTFAIL if the email doesn’t comply with the set rules

How to merge several SPF records into a single record

To merge the SPF values, simply include all the parts into one single record, without repeating any mechanisms. Here's how to merge the following example SPF records for Outlook and MailerLite:

v=spf1 a include:spf.protection.outlook.com -all

v=spf1 a mx include:_spf.mlsend.com ~all


1. The SPF record always begins with the version prefix:

v=spf1


2. Both records contain an "a" mechanism and the MailerLite SPF record contains a "mx" mechanism, so include both in the new record:

v=spf1 a mx


3. Then add both "include" mechanisms into the record, resulting in:

v=spf1 a mx include:spf.protection.outlook.com include:_spf.mlsend.com


4. Lastly, we need to define how emails should be treated if they don't comply with the set rules. We do this by using the all mechanism. The last part has to be either ?all, -all or ~all. It’s not possible to have more than one, so it is ultimately your choice which declaration of all your domains will use.

The merged SPF record would look like this:

v=spf1 a mx include:spf.protection.outlook.com include:_spf.mlsend.com ~all

When authenticating your domain, you will have to add an SPF record in your domain's DNS settings. An SPF record indicates which IP addresses and/or hostnames have been authorized to send emails from your domain.

You may have to include several SPF values in the DNS zone of your domain if you send emails through several services. 

It is only possible to have one SPF record in the DNS zone of your domain. Having more than one SPF record will make the authentication impossible, and some hosting providers won’t even allow you to have more than one.  

If you need to include more than one SPF record in your DNS zone, then you should merge them into a single record by including all the values or mechanisms in the same record.

The mechanisms of an SPF record

Let’s assume your domain is already authenticated through Outlook, so you have the SPF record v=spf1 a include:spf.protection.outlook.com -all.

Now, you want to authenticate your domain with MailerLite, so you have to add the second SPF record v=spf1 a mx include:_spf.mlsend.com ~all to your DNS page.

Let’s look at the different parts or mechanisms of an SPF record to better understand how it works.

The “v” prefix

The first part of an SPF record starts with v=spf1, which simply identifies the record as the first version of SPF. This is the only version that exists at the moment. Since you can add several TXT records, this basically tells the DNS of the domain to treat this record as SPF.

The “a” mechanism

Both records also contain the a mechanism afterward, which basically indicates the address of your domain in an IP number. The sending IP must match the A record of the From domain to be authenticated.

The “mx” mechanism

Only the one from MailerLite includes the mx mechanism, which indicates which email servers should be used when emails are being relayed. The sending IP must match the MX record of the From domain to be authenticated.

The “include” mechanism

The middle part of an SPF record begins with include, which basically tells the DNS to include this particular domain in the SPF setup of your domain. It allows emails to be authenticated through the same IPs allowed in the included domain.

The “all” mechanism

The last part of an SPF record, the all mechanism defines how an email should be treated. It should always be at the end of the record, and it is required to be a valid SPF record.

This mechanism will include one of the following qualifiers:

  • +all - it's the default prefix, so it can be omitted

  • ?all - adding this rule creates the impression that there is no SPF, so it’s not recommended

  • -all - it will be rejected and not sent and if the email doesn’t comply with the set rules

  • ~all - it will be sent but tagged as SOFTFAIL if the email doesn’t comply with the set rules

How to merge several SPF records into a single record

To merge the SPF values, simply include all the parts into one single record, without repeating any mechanisms. 

This means that if both records have an a, it should only be included once at the beginning in the default record. If only one of the records includes an mx, it should also be included in the first part. 

However, please note that the last part has to be either ?all, -all or ~all. It’s not possible to have more than one, so it is ultimately your choice which declaration of all your domains will use. 

The merged SPF record would look like this:

v=spf1 a mx include:_spf.mlsend.com include:spf.protection.outlook.com -all.

Last time edited: Feb 28, 2024
Related articles
How to authenticate domains and verify emails GoDaddy step-by-step domain authentication Wix step-by-step domain authentication Tips on how to improve your deliverability Phishing in email marketing Why you should never use a purchased email list The basics of DMARC